[Dovecot] Specify auth service for protocols
Lukas Garberg
lukas at spritelink.net
Mon Sep 6 17:42:54 EEST 2010
Hi all,
I'm building a mail system where two machines are functioning both as
POP3/IMAP-proxy (using dovecot 1.2.12) and SMTP-server with
authentication for outgoing mail. The SMTP-server is postfix with
dovecot SASL as authentication backend. User credentials for SMTP auth
as well as the mapping from account to final server for the proxy is
stored in a MySQL-database which dovecot queries.
As I want the POP3/IMAP-proxy to accept any username and password (as
the final POP3/IMAP server takes care of the authentication) the passdb
SQL query has the statements "NULL AS password, 'Y' AS nopassword, 'Y'
AS proxy" added to the query.
As these additions cannot be used in the SQL query for the auth service
used by postfix (as users would be able to authenticate with any
password) I have defined a second auth service (auth postfix { ... }) in
dovecot.conf which is slightly different; it returns the password hash
instead of NULL as password and skips the proxy and nopasswd part.
This works fine on one server, but on the other one the auth services
get mixed up and the service defined for postfix (missing password and
proxy stuff) is used by the POP3 and IMAP services and vice versa, which
breaks the proxying. I've been trying my best to find any difference
between the configuration of the two machines, but without result. The
configurations are simply copies of each other.
So, to finally arrive at my question: Is there any way to specify which
authentication service is to be used by each protocol in dovecot.conf?
Or is the solution instead to rewrite the passdb-query to take the
service into account and return 'Y' AS proxy when the service is postfix
and 'N' AS proxy when the service is POP3 or IMAP as I then would be
able to use only one authentication backend?
Sorry for the lengthy post and thank you in advance!
Regards,
Lukas Garberg
More information about the dovecot
mailing list